DETAILED ACTION

Continued Examination Under 37 CFR 1.114 

1. A request for continued examination under 37 CFR 1.114, including the fee set
forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this 
application is eligible for continued examination under 37 CFR 1.114, and the fee set 
forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action
has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 
02/26/2008 has been entered. 

Response to Amendment 

2. In response to communications filed on 02/26/2008, applicant cancels claims 1- 
26; adds claims 27-47. The following claims, claims 27-47 are presented for 
examination. 

Response to Remarks/Arguments 

3. Applicant's arguments, pages 8-12, with respect to the rejection of claims 27-47 
have been fully considered but they are not persuasive. 

3.1 In response to Applicant argument that the Cheng and Botz references do not 
teach or suggest artifacts as recited in the claims, the Examiner respectfully disagrees 
citing column 1 lines 47-50 - "user-specific information ... personal data ... pertaining to
a user" and column 1 lines 52-60 which specifically recites user information (artifacts) 
such as "credit card information, street address, telephone number, social security 
number, bank details, personal health information, taxation data, criminal records, etc.
from one sever to another." Applicant has not overcome the rejection. 

3.2 In response to Applicant argument that the Cheng and Botz references do not 
teach or suggest a central server system of any kind, the Examiner respectfully 
disagrees referencing Figure 1 element 20 which clearly discloses a server central to 
the data network. Applicant has not overcome the rejection. 



Claim Rejections - 35 USC § 102 

4. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that
form the basis for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351(a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 



Claims 27-31, 33-35, 37-45 and 47 are rejected under 35 U.S.C. 102(e) as being
disclosed by Cheng et al. (U.S. Patent 7,010,582 B1). 



[Examiner's Reasoning: The Examiner understands the disclosed "number of 
MDSSO (multiple domain, single sign-on) servers" (col. 5 line 43 - col. 6 line 2) 
to read upon the multiple "applications" (first application, second application, etc.) 
as these "applications" are functioning as servers and performing the duties or
services of a server. Anyone skilled in the art would understand the disclosed 
"applications" to be the software or applications which operates servers, such as 
the servers disclosed by Cheng et al.]

Regarding claim 27-28, 34-35, 41-42, Cheng et al. discloses a method for
managing access to a plurality of applications using a central server, comprising: 
receiving a user name and a user password of a user from a first application 
(col.1 lines 47-50 - "user-specific information ... personal data ... pertaining to a 
user"); generating identity assertion information using the user name and the 
user password (col. 2 lines 12-36 - "network device in response to this message 
from the end user device sends a response message to the end user device 
containing the access control information to be conveyed to the another network 
device"); generating a first artifact associated with the identity assertion 
information (col. 1 lines 52-60 - "sending credit card information, street address, 
telephone number, social security number, bank details, personal health 
information, taxation data, criminal records, etc. from one sever to another"); 
sending the first artifact to the first application (col. 1 lines 52-60 - "sending credit 
card information, street address, telephone number, social security number, bank 
details, personal health information, taxation data, criminal records, etc. from one 
sever to another"); 

receiving the first artifact and a request for the identity assertion information from 
a second application, wherein the second application receives the first artifact
from the first application (col. 2 lines 12-36 - "network device in response to this 
message from the end user device sends a response message to the end user 
device containing the access control information to be conveyed to the another 
network device"); verifying the validity of the first artifact upon receipt from the 
second application (col. 6 lines 53-59 - "the authentication front end 22, after
successful validation, generates an MDSSO cookie and sends this back to the 
user in the header portion of a message which also redirects the user's browser 
to access the server's MDSSO function 24"); and 

sending the identity assertion information to the second application, wherein the 
second application uses the identity assertion information to authorize the user to 
access the second application (col. 6 lines 53-59 - "the authentication front end 
22, after successful validation, generates an MDSSO cookie and sends this back 
to the user in the header portion of a message which also redirects the user's 
browser to access the server's MDSSO function 24"). 

Regarding claim 29, 36, 43, Cheng et al. discloses the method of claim 28,
wherein the identity assertion information is stored in the central server (Figure 1 
element 20). 



Regarding claim 30, 37, 44, Cheng et al. discloses the method of claim 27,
wherein the first artifact comprises a type code, a source identification, and an 
assertion identification (col. 1 lines 52-60 - "sending credit card information,
street address, telephone number, social security number, bank details, personal 
health information, taxation data, criminal records, etc. from one sever to 
another"); sending the first artifact to the first application (col. 1 lines 52-60 - 
"sending credit card information, street address, telephone number, social 
security number, bank details, personal health information, taxation data, criminal 
records, etc. from one sever to another"). 

Regarding claim 31, 38, 45, Cheng et al. discloses the method of claim 30,
wherein the first artifact further comprises a server identification (col.1 lines 47-50 
- "user-specific information ... personal data ... pertaining to a user"). 

Regarding claim 33, 40 and 47, Cheng et al. discloses the method of claim 27,
wherein the user name and the user password are obtained by the first
application from a web browser (col. 1 line 15 - "web-browser" and col.1 lines
47-50 - "user-specific information ... personal data ... pertaining to a user"). 

Claim Rejections - 35 USC § 103 

5. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

Claim 32, 36 and 46 are rejected under 35 U.S.C. 103(a) as being unpatentable
over Cheng et al. (US Patent No. 7,010,582 B1) and further in view of Botz et al.
(US Patent Application No. 2003/0177388 A1). 

Regarding claim 32, 36 and 46, Cheng et al. is silent in disclosing
the method as described in Claim I, wherein said assertion information and said 
plurality of artifacts substantially comply with a Security Assertions Markup 
Language (SAML) standard, and said network of trusted partner sites facilitates 
web browser single sign-on capabilities using interoperational protocols 
substantially complying with said SAML standard, however Botz et al. does 
disclose such a method (0066 of Botz et al. - "ITTs and ITTRs could be stored as 
published XML documents which could be stored further implemented using the 
Security Assertion Markup Language (SAML), which is a proposed standard."). 

It would have been obvious for one of ordinary skill in the art, at the time of 
the invention, to have been motivated to combine the system and
method for providing interactions between multiple servers and an end 
user with the authentication identity translation within a multiple computing 
unit environment of Botz et al. Cheng hints towards the possible benefit of
such a combination in the recitation of the need for a "some standard data 
format should be agreed upon to pass the information from site to site. 
Furthermore, preferably this passing of confidential information should be
done in a secure fashion, by using some sort of cryptographic means for 
example (col. 1 1 lines 47-52)." Botz et al. provides motivation for the 
combination in the description of, "the emerging web services computing 
model, [in which] the various AIT logical processes e.g., Domain Controller 
and interface services could be implemented as published and 
subscribed to web accessible services. Likewise, ITTs and ITTRs could be 
stored as published XML documents which could be further implemented 
using the Security Assertion Markup Language (SAML), which is a 
proposed standard." Clearly there is motivation and benefit to modify the 
invention of Cheng towards compliance with a technology, namely SAML 
which is a proposed standard. 

Conclusion 

6. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to CHINWENDU C. OKORONKWO whose telephone 
number is (571)272-2662. The examiner can normally be reached on MWF 2:30 - 6:00, 
TR 9:00-3:30. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Nasser Moazzami can be reached on (571) 272 4195. The fax phone 
number for the organization where this application or proceeding is assigned is 571- 
273-8300. 

Information regarding the status of an application may be obtained from the
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

10. C. O.I 

Examiner, Art Unit 2136 
March 26, 2008 

/Nasser G Moazzami/ 

Supervisory Patent Examiner, Art Unit 2136 



